CVE-2024-56627

Published: Dec 27, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read An offset from client could be a negative value, It could lead to an out-of-bounds read from the stream_buf. Note that this issue is coming when setting 'vfs objects = streams_xattr parameter' in ksmbd.conf.

Vendor	Product	Versions
Linux	Linux	affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 6bd1bf0e8c42f10a9a9679a4c103a9032d30594d` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < de4d790dcf53be41736239d7ee63849a16ff5d10` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 27de4295522e9a33e4a3fc72f7b8193df9eebe41` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 81eed631935f2c52cdaf6691c6d48e0b06e8ad73` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `5.15.176 - <= 5.15.` unaffected `6.1.120 - <= 6.1.` unaffected `6.6.66 - <= 6.6.*` +2 more versions

References

https://git.kernel.org/stable/c/6bd1bf0e8c42f10a9a9679a4c103a9032d30594d

https://git.kernel.org/stable/c/de4d790dcf53be41736239d7ee63849a16ff5d10

https://git.kernel.org/stable/c/27de4295522e9a33e4a3fc72f7b8193df9eebe41

https://git.kernel.org/stable/c/81eed631935f2c52cdaf6691c6d48e0b06e8ad73

https://git.kernel.org/stable/c/fc342cf86e2dc4d2edb0fc2ff5e28b6c7845adb9

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-56627

Description

Affected Products

References